Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP APM, Install/Upgrade
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1
Fixed In:
14.0.0
Opened: Jan 12, 2017 Severity: 4-Minor
In previous releases, some invalid combinations of Profile Type and User Identification Methods were allowed via either the UI or tmsh.
It is possible to create and use non-allowed profile type-user identification methods. Then, during upgrades, the following Profile types will have their user identification method automatically set to the corresponding values in the following table because other methods are not supported. Profile Type | User Identification Method --------------------------------------------- OAuth-Resource-Server| OAuth Token SSL-VPN | HTTP System Authentication| HTTP
Use of invalid Profile types and User Identification methods is possible and they wont work.
You can reconfigure the user identification method to list of allowed ones: Profile Type | User Identification Method --------------------------------------------- All | HTTP LTM-APM | {HTTP | IP Address} OAuth-Resource-Server| OAuth Token SSL-VPN | HTTP SWG-Transparent | IP Address SWG-Explicit | {IP Address | Credentials} System Authentication| HTTP
During upgrades, the following Profile types will have their user identification method automatically set to the corresponding values in the following tables because other methods are not supported. Warning message will be logged for each upgrade set required. In earlier releases, users were not prevented from selecting such user id methods. Profile Type | User Identification Method --------------------------------------------- OAuth-Resource-Server| OAuth Token SSL-VPN | HTTP System Authentication| HTTP